home

UNS.exe

Intel Management & Security Application User Notification Service

The executable UNS.exe, “User Notification Service” has been detected as malware by 13 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “Intel(R) Management & Security Application User Notification Service”.
Publisher:
Intel Corporation*  (Invalid match)

Product:
Intel(R) Management & Security Application User Notification Service

Description:
User Notification Service

Version:
6.1.0.1046

MD5:
1e04749afbcf982a66c0f0a8b6f05c94

SHA-1:
dc21cedfe961d316ce5c7c353262f980833b2b05

SHA-256:
8b129261166c3f40ba1429794ae6e82fdff8a3c5200a65717de7347127dd3ce1

Scanner detections:
13 / 68

Status:
Malware

Analysis date:
5/7/2024 7:09:31 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Kukacka
160203-1

AVG
Win32/Sality
2015.0.4522

Boost by Reason
Optional.IntelCorporation.Service
188838

Dr.Web
Win32.Sector.30
9.0.1.05190

Emsisoft Anti-Malware
Win32.Sality
10.0.0.5366

ESET NOD32
Win32/Sality.NBA virus
7.0.302.0

F-Prot
W32/Sality.gen2
4.6.5.141

McAfee
Virus.W32/Sality.gen.z
18.0.204.0

Microsoft Security Essentials
Threat.Undefined
1.213.5329.0

Norman
Win32.Sality.3
03.02.2016 10:30:35

Sophos
Virus 'Mal/Sality-D'
5.23

VIPRE Antivirus
Threat.4721115
46962

File size:
2.5 MB (2,607,128 bytes)

Product version:
6.1.0.1046

Copyright:
Copyright © 2006-2010, Intel Corporation. All rights reserved.

Original file name:
UNS.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Program Files\intel\intel(r) management engine components\uns\uns.exe

File PE Metadata
Compilation timestamp:
5/7/2010 3:30:55 AM

OS version:
5.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
9.0

CTPH (ssdeep):
24576:VmZn4jMQ6JzqgrrcVNSa5hOTT9i8Il3iHvyPbtjYvoqiLZxKvo+9qbZ4CWILH/pC:3jDNdIK9/KvxgCCZTpUBSCC0

Entry address:
0x19F17C

Entry point:
60, B5, 76, 88, E5, C7, C2, 5E, EB, CA, F5, F7, C2, E6, 0E, DB, 47, 0F, A5, EB, 0F, BF, DD, 0F, BA, F1, 0A, 0F, A4, F9, 93, 8B, F7, FF, CF, 88, D6, F6, D9, F3, F6, C6, AE, 8D, 35, 09, A8, 80, 0D, 0F, BE, C9, F6, C5, 30, 8D, 35, 33, 80, B0, C8, 69, EE, F6, C6, D3, AA, F6, D5, 43, E8, 27, 00, 00, 00, 0F, C0, F0, 89, C8, 81, FD, DD, C8, 00, 00, 75, 03, C1, C3, 02, D1, D3, 0F, BD, CE, FE, CB, 81, C6, 53, 34, 00, 00, 18, D2, 87, DA, 81, C6, F3, 08, 00, 00, 0F, BA, E5, 73, F6, C7, 37, EB, 06, 2B, EE, 84, CB, 1C...
 
[+]

Entropy:
6.5995

Code size:
1.9 MB (1,964,032 bytes)

Service
Display name:
Intel(R) Management & Security Application User Notification Service

Service name:
UNS

Description:
Intel(R) Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel(R) Management and Security

Type:
Win32OwnProcess

Depends on:
LMS


Remove UNS.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.